pawl/gist:8ede83279908f686df94bb8db9e63cc8

## gistfile1.txt
version: "3"
services:
  shinobi:
    image: registry.gitlab.com/shinobi-systems/shinobi:dev
    container_name: Shinobi
    environment:
      - PLUGIN_KEYS={}
      - SSL_ENABLED=false
    volumes:
      - ~/Shinobi/config:/config
      - ~/Shinobi/customAutoLoad:/home/Shinobi/libs/customAutoLoad
      - ~/Shinobi/database:/var/lib/mysql
      - ~/Shinobi/videos:/home/Shinobi/videos
      - ~/Shinobi/plugins:/home/Shinobi/plugins
      - /dev/shm/Shinobi/streams:/dev/shm/streams
    restart: unless-stopped
    network_mode: "service:gluetun"

  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
      - VPN_ENDPOINT_IP=<wireguard endpoint ip>
      - VPN_ENDPOINT_PORT=<wireguard port>
      - WIREGUARD_PUBLIC_KEY=<pub key>
      - WIREGUARD_PRIVATE_KEY=<private key>
      - WIREGUARD_PRESHARED_KEY=<preshared key>
      - WIREGUARD_ADDRESSES=<wireguard ip>/32
      # 0.0.0.0/0 but disallowing routing 192.168.7.0/24 camera subnet through vpn
      - WIREGUARD_ALLOWED_IPS="0.0.0.0/1, 128.0.0.0/2, 192.0.0.0/9, 192.128.0.0/11, 192.160.0.0/13, 192.168.0.0/22, 192.168.4.0/23, 192.168.6.0/24, 192.168.8.0/21, 192.168.16.0/20, 192.168.32.0/19, 192.168.64.0/18, 192.168.128.0/17, 192.169.0.0/16, 192.170.0.0/15, 192.172.0.0/14, 192.176.0.0/12, 192.192.0.0/10, 193.0.0.0/8, 194.0.0.0/7, 196.0.0.0/6, 200.0.0.0/5, 208.0.0.0/4, 224.0.0.0/3"
      - EXTRA_SUBNETS=192.168.7.0/24
      - FIREWALL_VPN_INPUT_PORTS=8080
    volumes:
      - ~/gluetun:/gluetun
    restart: unless-stopped
    ports:
      - 8080:8080
	version: "3"
	services:
	shinobi:
	image: registry.gitlab.com/shinobi-systems/shinobi:dev
	container_name: Shinobi
	environment:
	- PLUGIN_KEYS={}
	- SSL_ENABLED=false
	volumes:
	- ~/Shinobi/config:/config
	- ~/Shinobi/customAutoLoad:/home/Shinobi/libs/customAutoLoad
	- ~/Shinobi/database:/var/lib/mysql
	- ~/Shinobi/videos:/home/Shinobi/videos
	- ~/Shinobi/plugins:/home/Shinobi/plugins
	- /dev/shm/Shinobi/streams:/dev/shm/streams
	restart: unless-stopped
	network_mode: "service:gluetun"

	gluetun:
	image: qmcgaw/gluetun
	container_name: gluetun
	cap_add:
	- NET_ADMIN
	environment:
	- VPN_SERVICE_PROVIDER=custom
	- VPN_TYPE=wireguard
	- VPN_ENDPOINT_IP=<wireguard endpoint ip>
	- VPN_ENDPOINT_PORT=<wireguard port>
	- WIREGUARD_PUBLIC_KEY=<pub key>
	- WIREGUARD_PRIVATE_KEY=<private key>
	- WIREGUARD_PRESHARED_KEY=<preshared key>
	- WIREGUARD_ADDRESSES=<wireguard ip>/32
	# 0.0.0.0/0 but disallowing routing 192.168.7.0/24 camera subnet through vpn
	- WIREGUARD_ALLOWED_IPS="0.0.0.0/1, 128.0.0.0/2, 192.0.0.0/9, 192.128.0.0/11, 192.160.0.0/13, 192.168.0.0/22, 192.168.4.0/23, 192.168.6.0/24, 192.168.8.0/21, 192.168.16.0/20, 192.168.32.0/19, 192.168.64.0/18, 192.168.128.0/17, 192.169.0.0/16, 192.170.0.0/15, 192.172.0.0/14, 192.176.0.0/12, 192.192.0.0/10, 193.0.0.0/8, 194.0.0.0/7, 196.0.0.0/6, 200.0.0.0/5, 208.0.0.0/4, 224.0.0.0/3"
	- EXTRA_SUBNETS=192.168.7.0/24
	- FIREWALL_VPN_INPUT_PORTS=8080
	volumes:
	- ~/gluetun:/gluetun
	restart: unless-stopped
	ports:
	- 8080:8080